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Cryptography  renders  the  message  unintelligible  to  outsider  by  various  transformations.  Data  Cryptography  is  the 
scrambling  of  the  content  of  data  like  text,  image,  audio  and  video  to  make  it  unreadable  or  unintelligible  during 
transmission.  As  the  data  may  include  some  sensitive  information  which  should  not  be  accessed  by  or  can  only  be  partially 
exposed  to  the  general  users.  The  principal  goal  guiding  the  design  of  any  encryption  algorithm  must  be  security  against 
unauthorized  attacks  but  performance  and  the  cost  of  implementation  are  also  important  concerns.  This  paper  provides  the 
comparison  between  the  three  popular  secret  key  encryption  techniques,  i.e.,  DES,  AES  and  the  Blowfish  with  modes  of 
operation.  The  comparison  has  been  conducted  by  calculating  the  avalanche  effect  of  these  encryption  techniques  and 
compares  them  on  the  basis  of  their  result. 

KEYWORDS:  AES,  Blowfish,  Cryptography,  DES,  Encryption,  IV  (Initialization  Vector) 


Cryptography  is  where  security  engineering  meets  mathematics.  It  provides  us  with  the  tools  that  underlie  most 
modern  security  protocols.  It  is  probably  the  key  enabling  technology  for  protecting  distributed  systems,  yet  it  is 
surprisingly  hard  to  do  right.  Cryptography  [1]  has  often  been  used  to  protect  the  wrong  things,  or  used  to  protect  them  in 
the  wrong  way.  It  is  the  art  or  science  encompassing  the  principles  and  methods  of  transforming  an  intelligible  message 
into  one  that  is  unintelligible  and  then  retransforming  that  message  back  to  its  original  form.  It  is  not  only  use  by  spies  but 
for  phone,  fax  and  e-mail  communication,  bank  transactions,  bank  account  security,  PINs,  passwords  and  credit  card 
transactions  on  the  web.  It  is  also  used  for  a  variety  of  other  information  security  issues  including  electronic  signatures, 
which  are  used  to  prove  who  sent  a  message.  In  cryptography  original  data  is  transformed  (encrypted)  into  an  unreadable 
format,  called  cipher  text.  Only  those  who  possess  a  secret  key  can  decipher  (or  decrypt)  the  message  into  plaintext. 
Cryptography  comes  from  Greek  words  meaning  "hidden  writing".  Cryptography  converts  readable  data  or  cleartext  into 
encoded  data  called  ciphertext. 
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Figure  1:  Cryptography 
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Figure  2:  The  Security  Requirements  Triad 

•  Confidentiality:  Confidentiality  refers  to  preventing  the  disclosure  of  information  to  unauthorized  individuals  or 
systems. 

•  Integrity:  Data  integrity  means  maintaining  and  assuring  the  accuracy  and  consistency  of  data  over  its  entire 
life-cycle.  This  means  that  data  cannot  be  modified  in  an  unauthorized  or  undetected  manner. 

•  Availability:  The  information  must  be  available  when  it  is  needed.  This  means  that  the  computing  systems  used 
to  store  and  process  the  information,  the  security  controls  used  to  protect  it,  and  the  communication  channels  used 
to  access  it  must  be  functioning  correctly. 

SYMMETRIC  AND  ASYMMETRIC  ENCRYPTION 
Symmetric  Encryption 

Symmetric  encryption  is  the  oldest  and  best-known  technique.  It  is  a  class  of  algorithms  for  cryptography  that  use 
the  same  cryptographic  keys  for  both  encryption  of  plaintext  and  decryption  of  ciphertext.  A  secret  key,  which  can  be  a 
number,  a  word,  or  just  a  string  of  random  letters,  is  applied  to  the  text  of  a  message  to  change  the  content  in  a  particular 
way. 
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Figure  3:  Symmetric  Encryption 

Asymmetric  Encryption 

The  problem  with  secret  keys  is  exchanging  them  over  a  large  network  while  preventing  them  from  falling  into 
the  wrong  hands.  Anyone  who  knows  the  secret  key  can  decrypt  the  message.  So  we  can  use  asymmetric  encryption,  in 
which  there  are  two  keys-  public  and  private  keys.  A  public  key  is  made  freely  available  to  anyone  who  might  want  to  send 
you  a  message.  A  second,  private  key  is  kept  secret,  so  that  only  you  know  it.  Any  message 
(text,  binary  files,  or  documents)  that  are  encrypted  by  using  the  public  key  can  only  be  decrypted  by  applying  the  private 
key.  Any  message  that  is  encrypted  by  using  the  private  key  can  only  be  decrypted  by  using  the  matching  public  key. 
This  means  that  you  do  not  have  to  worry  about  passing  public  keys  over  the  Internet. 
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Schneier  as  a  fast,  free  alternative  to  existing  encryption  algorithms.  Blowfish  is  unpatented  and  license-free,  and  is 
available  free  for  all  uses.  Blowfish  has  a  64-bit  block  size.  It  is  a  16-round  Feistel  cipher  and  uses  large  key-dependent 
S-boxes.  It  is  suitable  for  applications  where  the  key  does  not  change  often,  like  a  communications  link  or  an  automatic  file 
encryptor.  The  Blowfish  algorithm  has  many  advantages.  It  is  suitable  and  efficient  for  hardware  implementation. 
The  algorithm  consists  of  two  parts:  a  key-expansion  part  and  a  data-  encryption  part.  Key  expansion  converts  a  key  of  at 
most  448  bits  into  several  sub  key  arrays  totaling  4168  bytes.  Data  encryption  occurs  via  a  16-round  Feistel  network.  Each 
round  consists  of  a  key  dependent  permutation,  and  a  key-  and  data-dependent  substitution.  The  elementary  operators  of 
Blowfish  algorithm  include  table  lookup,  addition  and  XOR. 

MODES  OF  ENCRYPTION/DECRYPTION 
Electronic  Code  Book  (ECB) 

In  electronic  code  book  (ECB)  [3],  we  just  encrypt  each  succeeding  block  of  plaintext  with  our  block  cipher  to  get 
ciphertext.  There  is  no  interdependency  between  blocks.  In  this  mode  data  is  divided  into  64-bit  blocks.  This  mode  is 
deterministic  as  identical  plaintexts  are  encrypted  similarly.  There  is  no  chaining  and  error  propagation.  Using  ECB  mode 
to  encrypt  messages  of  more  than  one  block  length  and  that  have  an  authenticity  requirement — such  as  bank  payment 
messages — would  be  foolish.  A  big  advantage  of  this  mode  is  that  you  can  encrypt  or  decrypt  multiple  blocks  in  parallel 
but  we  have  to  make  sure  that  all  blocks  will  be  placed  in  correct  order.  The  bit  errors  caused  by  noisy  channels  only  affect 
the  corresponding  block  but  not  succeeding  blocks.  As  blocks  can  be  reordered,  it  is  its  disadvantage  as  reordering  or 
repetition  of  blocks  can  change  the  message. 

Cipher  Block  Chaining  (CBC) 

In  this  mode  we  exclusive-or  the  previous  block  of  ciphertext  to  the  current  block  of  plaintext  before  encryption. 
The  same  key  is  used  for  each  block.  The  encryption  of  all  blocks  is  "chained  together"  ciphertext  Ci  depends  not  only  on 
block  Xi  but  on  all  previous  plaintext  blocks  as  well.  CBC  mode  was  mainly  designed  to  overcome  the  security  deficiency 
of  ECB  mode.  In  this  the  same  plaintext  block,  if  repeated,  produces  different  ciphertext  blocks.  For  decryption,  each 
cipher  block  is  passed  through  the  decryption  algorithm.  The  result  is  XO  Red  with  the  preceding  ciphertext  block  to 
produce  the  plaintext  block.  The  input  IV  is  an  initialization  vector,  a  random  number  is  XO  Red  with  the  first  block  of 
plaintext.  IV  provides  the  semantic  security.  The  IV  must  be  known  to  both  the  sender  and  receiver  but  is  unpredictable  by 
a  third  party.  This  is  most  commonly  used  mode  of  operation. 

Cipher  Feedback  (CFB) 

CFB  mode  is  a  kind  of  stream  cipher.  It  is  possible  to  convert  block  cipher  into  stream  cipher  by  using  stream 
cipher  modes.  In  this  case,  rather  than  blocks  of  bits,  the  plaintext  is  divided  into  segments  of  bits.  IV  is  used  in  this  mode 
as  well  as  an  input  to  the  encryption  function.  As  a  result  of  the  use  of  an  IV,  the  CFB  encryption  is  also  nondeterministic. 
In  CFB  mode  [4],  the  previous  ciphertext  block  is  encrypted  and  the  output  is  XO  Red  with  the  current  plaintext  block  to 
create  the  current  ciphertext  block.  CFB  is  primarily  a  mode  to  derive  some  characteristics  of  a  stream  cipher  from  a  block 
cipher.  In  common  with  CBC  mode,  changing  the  IV  to  the  same  plaintext  block  results  in  different  output.  In  this  the 
message  does  not  need  to  be  padded  to  a  multiple  of  the  cipher  block  size.  For  decryption,  the  same  scheme  is  used,  except 
that  the  received  ciphertext  unit  is  XO  Red  with  the  output  of  the  encryption  function  to  produce  the  plaintext  unit.  Cipher 
feedback  is  not  used  much  anymore.  It  is  a  specialized  mode  of  operation  for  applications  such  as  military  HF  radio  links. 
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Output  Feedback  (OFB) 

It  is  a  stream  cipher  mode  that  can  encrypt  arbitrary  blocks  of  data.  OFB  encrypts  plaintext  a  full  block  at  a  time, 
where  typically  a  block  is  64  or  128  bits.  Many  stream  ciphers  encrypt  one  byte  at  a  time.  IV  is  the  initial  cipher  input. 
Output  of  cipher  is  the  key  stream,  and  is  XO  Red  with  the  plaintext  to  create  the  ciphertext.  Prior  key  stream  becomes  the 
next  IV.  Key  stream  is  in  no  way  affected  by  the  plaintext.  In  this  mode  each  bit  in  the  ciphertext  is  independent  of  the 
previous  bit  or  bits.  This  avoids  error  propagation.  The  disadvantage  of  OFB  is  that  it  is  more  vulnerable  to  a  message 
stream  modification  attack  than  is  CFB. 

AVALANCHE  EFFECT 

Avalanche  effect  refers  to  a  property  of  cryptography  encryption  algorithms.  The  small  change  in  either  the 
plaintext  or  the  key  should  produce  a  significant  change  in  the  ciphertext.  In  the  case  of  high-quality  block  ciphers,  a  small 
change  in  either  the  key  or  the  plaintext  should  cause  a  drastic  change  in  the  ciphertext.  If  cryptographic  functions  do  not 
exhibit  the  avalanche  effect,  then  it  has  poor  randomization  and  our  input  data  is  easily  predicted  only  from  the  output. 
Thus,  avalanche  effect  is  desirable  condition. 

COMPARISON  BASED  ON  AVALANCHE  EFFECT 

Now  we  compare  the  symmetric  encryption  techniques  explained  above  i.e.  DES,  AES  and  BLOWFISH  on  the 
basis  of  avalanche  effect  with  the  same  key  and  plaintexts  with  the  difference  of  one  alphabet. 

Plaintextl:  NETWORKS 

Plaintext:  NETVORKS 

Key:  EXAMPLES 

DES 

IV:  1001 1001001 101000101 1 1001 1 1001 10100000001 1001 101001 1 1 1 1001001000 
ECB  Mode 

•  Ciphertextl:  1 101 1 1010100101 1 1 10000000001 1 1 1 1 10001000101001 101 101 1 10001010000 

•  Ciphertext2:  101001010100000001 1000001000010100101 1 1001 1 1 10000001 1 1 1 1 10100101 

The  change  after  comparing  two  ciphertexts  by  changing  a  single  character  'W  to  'V  the  change  in  avalanche 
effect  was  of  3 3 -bits. 

CBC  Mode 

•  Ciphertextl:  01 1 101 1 101 101010101 1001 1 1 1 1 1001 1 1 101 100000101 10101 1 1001 1 1 10001 10 

•  Ciphertext2:  101000000101 1 101001 1 10100000101 1 1 1 1 101001 1 1 1 101 10001 10101 1 101010 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  34-bits. 
CFB  Mode 

•  Ciphertextl:  101000101 1 1 1 1 1 101 1 101 1 101 1001 101 10000101001 11101111101 1000000001 
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•  Ciphertext2:  101000101 1 1 1 1 1 101 1 101 1 101 1001 10001 1000010001 101000000101 101 10101 
20  bits  of  difference  was  noted  when  one  character  was  changed. 

OFB  Mode 

•  Ciphertextl:  1010001001010001 1001 1 1 1 1010100100101 1 1 1 1001000001 1 101001 1 10001 1 1 

•  Ciphertext2:  1010001001010001 1001 1 1 1 10101001 10101 1 1 1 1001000001 1 101001 1 10001 1 1 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  1-bit. 

AES 

IV:    1001 1001001 101000101 1 1001 1 1001 10100000001 1001 101001 1 1 1 100100100010101 1001 101 101 1 1001 101 
0101 101000010000100101 1 100100101 1 1 101 1001 

ECB  Mode 

•  Ciphertextl:    101 10001 100101 1111 10000010100001 1 1 1001 100001000001 1010101 1 1001001010001 1 1 101 100 
1001 10100001 10001001 1 100001 100101001 1 1 1 1010101 1 1 1 

•  Ciphertext2:  00101101111011011010111001000110111010000100000000000110000111011011100110110111 
01 101 101 111011 1001001 1 1001 1001 1010010001 1 1 101 100 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  69-bits. 
CBC  Mode 

•  Ciphertextl:  101 100101 1001010101001 1 101 10001 1111 10000101 1001 1 100101 10101010010101 10010101 1 1 1 1 
1 100010000010101001 1 1001 100000100001 1 1 1 1 101 1 1001 

•  Ciphertext2:  010100101000100001 101 1 1 101 1 101 10101 101 10010001 10001 10100010101001 1 101 1001001 1 101 
101 1 1 1001 1001001 1001 1 1000001 1 1 1 10000100000010010 

66-bits  of  difference  was  noted  when  one  character  was  changed. 

CFB  Mode 

•  Ciphertextl:  0101 1001 1 100001 101 100100101 101000010101 1 1 101000101 1 101001 101 1010 

•  Ciphertext2:  0101 1001 1 100001 101 100100101 101010101 101001 101 101 101 1 1 10010000010 
16-bits  of  difference  was  noted  when  one  character  was  changed. 

OFB  Mode 

•  Ciphertextl:  0101 1001001 10101 1 10100001001010001 101 1000000001 1 1 101000001 100001 

•  Ciphertext2:  0101 1001001 101011 10100001001010101 101 1000000001 1 1 101000001 100001 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  1-bit. 
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Blowfish 

IV:  1001 1001001 101000101 1 1001 1 1001 10100000001 1001 101001 1 1 1 1001001000 
ECB  Mode 

•  Ciphertextl:  01 1 101000101010100001 100001 11011111 1000101 1 1 101000001 1 10010101 1 1 

•  Ciphertext2:  0010010000101010101 10101 10010001001 1 1 1 100001 1 10010001 1 1001 100000 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  34-bits. 
CBC  Mode 

•  Ciphertextl:  1001 101 10000001 1 1010100010001 1 111011 1001 10001 1 1 1 10001001 10000000 

•  Ciphertext2:  1000101 1 1 1 1 1 1 1000001 101 11101101111010111 10010001 10010001 1001 1001 
31 -bits  of  difference  was  noted  when  one  character  was  changed. 

CFB  Mode 

•  Ciphertextl:  1010001 101 1001 100101001 10010001 1 10010001 1 10100101 1010001 1 1000001 

•  Ciphertext2:  1010001 101 1001 100101001 10010001001 1 1 101001 1001000100101 1 1 1 101 100 
20-bits  of  difference  was  noted  when  one  character  was  changed. 

OFB  Mode 

•  Ciphertextl:  1010001 101 1 1001001 101 100101 10001 101 100001 1 1 1 1 100101 1 1 1001 1 100010 

•  Ciphertext2:  1010001 101 1 1001001 101 100101 10000101 100001 1 1 1 1 100101 1 1 1001 1 100010 

We  compared  the  two  ciphertexts  to  calculate  the  difference  and  found  out  that  there  was  a  change  in  1-bit. 
RESULTS 

The  table  1  indicates  the  effect  of  avalanche  effect  in  various  techniques.  So,  from  above  result  we  find  that  AES 
with  ECB  mode  has  maximum  deviation  of  bits  therefore  it  is  best  of  all  other  techniques  and  mode  with  avalanche  effect. 
This  table  clearly  shows  the  comparison  between  different  techniques.  Besides  avalanche  effect  there  are  more  factors 
which  describe  the  performance  of  these  techniques.  According  to  [4],  Blowfish  has  better  performance  than  all  other  on 
the  basis  of  computation  time.  According  to  [5],  it  is  clear  that  the  key  size  of  blowfish  algorithm  is  high  and  that  of  DES  is 
lesser.  Hence  it  can  be  said  that  security  of  Blowfish  is  far  better  than  the  other  algorithms.  Also  DES  and  other  algorithms 
are  vulnerable  to  possible  attacks  but  Blowfish  algorithm  has  not  been  cracked  till  date. 


Table  1 


s. 

No 

Encryption 
Techniques 

ECB 

CBC 

CFB 

OFB 

Avalanche 

% 

Avalanche 

% 

Avalanche 

% 

Avalanche 

% 

Effect  (Bits) 

Effect  (Bits) 

Effect  (Bits) 

Effect  (Bits) 

1 

DES 

33 

51.56 

34 

53.12 

20 

31.25 

1 

1.56 

2 

AES 

69 

53.91 

66 

51.56 

16 

25 

1 

1.56 

3 

BLOWFISH 

34 

53.13 

31 

48.44 

20 

31.25 

1 

1.56 
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CONCLUSIONS  AND  FUTURE  SCOPE 

In  this  paper  the  techniques  of  encryption  including  DES,  AES  and  BLOWFISH  was  compared  by  calculating 
their  avalanche  effect  with  respect  to  each  mode  of  operation.  The  two  plaintexts  were  taken  with  the  difference  of  1  word 
encrypted  with  same  key.  In  the  end,  the  results  were  concluded  which  present  that  AES  with  ECB  mode  has  maximum 
change  in  the  bits  of  two  ciphertext  by  changing  one  word  in  plaintext.  OFB  mode  with  all  techniques  showed  the  poor 
performance  compared  to  all  other  modes.  A  proposed  direction  for  the  future  work  could  be  to  measure  the  performance 
by  calculating  the  effect  of  all  other  factors  on  which  algorithms  depend. 
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